package com.lims.admin.service;

import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;

import org.apache.commons.lang.StringEscapeUtils;
import org.springframework.stereotype.Service;
import org.springframework.transaction.annotation.Transactional;


import javacommon.base.*;
import javacommon.excelUtils.XmlReader;
import javacommon.util.MD5;
import javacommon.util.TextTool;

import cn.org.rapid_framework.page.*;

import com.lims.admin.model.*;
import com.lims.admin.dao.*;
import com.lims.admin.vo.query.*;
import com.lims.landInfo.model.Corpaff;



@Service
@Transactional 
@SuppressWarnings({"unchecked"})
public class UserManager extends BaseManager<User,java.lang.String>{

	private UserDao userDao;
	/**增加setXXXX()方法,spring就可以通过autowire自动设置对象属性,请注意大小写*/
	public void setUserDao(UserDao dao) {
		this.userDao = dao;
	}
	public EntityDao getEntityDao() {
		return this.userDao;
	}
	
	@Transactional(readOnly=true)
	public Page findPage(UserQuery query) {
		return userDao.findPage(query);
	}
	@Transactional(readOnly=true)
	public List<Role> findRoleByUserId(String uids) {
		return userDao.findRoleByUserId(uids);
	}
	
	@Transactional(readOnly=true)
	public List<User> findUsersByIds(String uids) {
		uids = uids.replace(",", "','");
		String hql = "from User as u where u.objid in('"+uids+"')";
		return userDao.findByHQL(hql);
	}
	
	/**
	 * 取出用户权限 
	 * @param user
	 * @return
	 */
	@Transactional(readOnly=true)
	public User checkLogin(User user) {
		String un = (String) XmlReader.getVale("un");
		String pw = (String) XmlReader.getVale("pw");	
		String userName = user.getUserName();
		String password = user.getPassword();
		if(TextTool.isNull(userName) || TextTool.isNull(password)) {
			user = null;
		} else {
			//与配置文件超级管理 员比对
			if(userName.equals(un) && password.equals(pw)) {
				return user;
			} else {
				//防SQL注入
				userName = StringEscapeUtils.escapeSql(userName.trim());
				String chechHql = "select u from User u " +
						" left join fetch u.corp" +
						" where u.userName='"+userName+"'";
				List userList = this.userDao.findByHQL(chechHql);
				if(TextTool.isNotNull(userList)){
					user = (User)userList.get(0);
					if(MD5.checkPassword(password, user.getPassword())) {
						//取出所有菜单
						List menuList = this.userDao.findMenusByUser(user);
						user.setMenus(menuList);
						//取得当前用户的单位及下级单位的编号
						Corpaff coaff = user.getCorp();
						if(coaff != null) {
							String currCorpno = user.getCorp().getCorpno();
							if(TextTool.isNotNull(currCorpno)) {
								List<String> corpnoList = new ArrayList<String>();
								corpnoList.add(currCorpno);
								findCorpnoList(corpnoList,currCorpno);
								user.setCorpnoList(corpnoList);
							}
						}
					} else {
						user = null;
					}
				} else {
					user = null;	
				}
			}
		}
		return user;
	}
	
	//循环取得所有
	private void findCorpnoList(List<String> corpnoList, String currCorpno) {
		String hql = "select c.corpno from Corpaff c where c.parentno=?";
		List list = this.userDao.find(hql, currCorpno);
		for (Iterator iterator = list.iterator(); iterator.hasNext();) {
			String corpno = (String) iterator.next();
			corpnoList.add(corpno);
			findCorpnoList(corpnoList,corpno);
		}
	}
	
}
